Automated Teller Machines (ATMs), PIN entry devices, and point of sale (POS) terminals have become central features of modern life and are prevalent in a number of environments. For example, during the course of a day, a user may utilize an ATM to conduct financial transactions, purchase gas from a point of sale terminal in the form of a fuel pump via a credit or debit card, and purchase food at the grocery store with a point of sale terminal also with a credit or debit card. In all of these instances, security is a prime concern, and an individual's data (card number, passwords, account numbers, etc.) should be kept secure and out of reach from unintended parties. In addition, access to controls and machine settings should be secured. The securing of sensitive data is normally accomplished through the use of encryption or encoding of the data. Encrypted data is supposed to be accessible only by an intended party with use of one or more encryption keys to decipher the encoded information. The widespread use of electronic transaction processing applications has increased the demands for improved features, ease of use, and improved security.
Remote Key Loading refers to the process of loading symmetric encryption keys to a remotely located device, such as an ATM, from a central administrative site. This process generally encompasses two phases of key distribution. The first phase includes distribution of initial key encrypting keys (KEKs) to a newly installed device. A KEK is a type of symmetric encryption key that is used to encrypt other keys so they can be securely transmitted over unprotected paths. The second phase includes distribution of operational keys or replacement KEKs, enciphered under a KEK currently installed in the device.
A new ATM or POS device, when it is delivered from the manufacturer and being put into operation, generally has none of the affiliated bank's or service provider's security keys pre-installed. The process of getting the first key securely loaded in the ATM or POS device is a difficult one. Loading the first KEK into each ATM or POS device manually, in multiple clear text key parts has typically been the preferred manner for performing a secure key loading process. In this process, two separate people carry key part values to the ATM, and load them manually. Once inside the ATM or POS device, they are combined to form the actual KEK. In this manner, neither of the two people has the entire key, protecting the key value from disclosure or misuse. This method is labor-intensive and error-prone, making it expensive for the banks or service providers.
Conventional methods for remote key loading have used public key infrastructure (PKI), or asymmetric cryptography, to load encryption keys into remotely located devices. However, the infrastructure of both hardware and software necessary to provide PKI remote key loading can be complex and expensive. In addition, traditional PKI systems typically require establishment of a trusted third party for issuing digital certificates that bind a public key with other preselected information for verification purposes. Accordingly, systems and methods for remote key loading that are less complex and expensive than PKI would be beneficial.